Lucene search
GitLabCVELIST:CVE-2021-39900HistoryOct 04, 2021 - 4:45 p.m.
CVE-2021-39900
2021-10-0416:45:45
GitLab
www.cve.org
2 Low
CVSS3
Attack Vector
NETWORK
Attack Complexity
HIGH
Privileges Required
HIGH
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
LOW
Integrity Impact
NONE
Availability Impact
NONE
CVSS:3.1/AV:N/AC:H/PR:H/UI:R/S:U/C:L/I:N/A:N
3.5 Low
AI Score
Confidence
High
0.001 Low
EPSS
Percentile
23.0%
Information disclosure from SendEntry in GitLab starting with 10.8 allowed exposure of full URL of artifacts stored in object-storage with a temporary availability via Rails logs.
CNA Affected
[
{
"product": "GitLab",
"vendor": "GitLab",
"versions": [
{
"status": "affected",
"version": ">=10.8, <14.1.7"
},
{
"status": "affected",
"version": ">=14.2, <14.2.5"
},
{
"status": "affected",
"version": ">=14.3, <14.3.1"
}
]
}
]Related
osv
osv
BIT-gitlab-2021-39900
2024-03-06 11:18:08
CVE-2021-39900
2021-10-04 17:15:08
debiancve
debiancve
CVE-2021-39900
2021-10-04 17:15:08
nvd
nvd
CVE-2021-39900
2021-10-04 17:15:08
cve
cve
CVE-2021-39900
2021-10-04 17:15:08
ubuntucve
ubuntucve
CVE-2021-39900
2021-10-04 00:00:00
nessus
nessus
GitLab 10.8 < 14.1.7 / 14.2 < 14.2.5 / 14.3 < 14.3.1 (CVE-2021-39900)
2024-01-03 00:00:00
prion
prion
Information disclosure
2021-10-04 17:15:00
veracode
veracode
Information Disclosure
2023-08-06 20:02:47
2 Low
CVSS3
Attack Vector
NETWORK
Attack Complexity
HIGH
Privileges Required
HIGH
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
LOW
Integrity Impact
NONE
Availability Impact
NONE
CVSS:3.1/AV:N/AC:H/PR:H/UI:R/S:U/C:L/I:N/A:N
3.5 Low
AI Score
Confidence
High
0.001 Low
EPSS
Percentile
23.0%
Related for CVELIST:CVE-2021-39900